Global enforcement trends: What global corporates need to know

Corporate criminal liability is undergoing a transformation. Legislators and regulators across key markets are rewriting the rules – tightening definitions, expanding attribution, and raising the stakes for companies and their leadership.

In Europe, the EU Anti-Corruption Directive signals a bold move toward harmonized enforcement. It introduces sweeping obligations for companies, including mandatory compliance frameworks and turnover-based sanctions. Crucially, it expands liability to legal persons for misconduct tied to leadership failures, making oversight a legal risk, not just a governance issue.

The UK is following suit with the “failure to prevent fraud” offence, effective from September 2025. Large corporates could face automatic liability for fraud committed by employees or associates unless they can demonstrate effective prevention controls. With expanded attribution rules, which now include senior managers, the UK regime is becoming significantly more aggressive.

The US recently closed a gap in anti-corruption law.  The Foreign Extortion Prevention Act now makes it illegal for foreign officials to demand, seek or accept bribes from US entities. This could increase pressure on companies to report extortionate demands and strengthen compliance controls.

Mexico’s new Ministry of Anti-Corruption and Good Governance has promised to focus on prevention and good governance rather than punishment. The Ministry will aim to modernize public administration and strengthen a culture of reporting and compliance. In 2024-2025, these actions reportedly saved the country MXN70 billion.

France is refining its approach to negotiated justice. While CJIPs (French deferred prosecution agreements) are still exclusive to corporates, recent reforms now allow prosecutors to revisit rejected plea deals with individuals, offering a second chance at settlement and signalling a more pragmatic enforcement stance.

China is intensifying its crackdown. Recent amendments to both the Criminal Law and Anti-Unfair Competition Law expand liability to private sector executives, raise penalties and introduce personal fines. Enforcement is increasingly coordinated across agencies, with sector-specific guidance – particularly in healthcare – setting new expectations for internal controls.

India is sharpening its audit lens. Under new NFRA guidance, auditors have to report suspected fraud within two days, even if they weren’t the first to identify it. For larger cases, silence from the board triggers mandatory escalation to regulators. Resignation is not a shield, and professional scepticism is non-negotiable.

Under a new Saudi Arabian anti-corruption law, the Oversight and Anti-Corruption Authority (Nazaha) can now apply a “reverse burden of proof” in bribery cases, requiring government employees to prove the legitimacy of assets inconsistent with their reported income. The accused official must demonstrate the legal source of unexplained wealth to avoid conviction for bribery and corruption. 

Likewise, Indonesia is also pushing the boundaries of asset recovery by seeking to  introduce a new law that reverses burden of proof, requiring suspects to justify the origin of their assets, potentially extending beyond corruption to other serious crimes. If passed, it could redefine the landscape for civil forfeiture in the region.

Across jurisdictions, enforcement is becoming more assertive, more coordinated and more personal. For multinationals, this means rethinking risk – embedding compliance deeper into operations, empowering leadership with accountability, and preparing for a world where criminal liability isn’t just a legal issue, but a strategic one.

New governments in the US, the UK, France and Germany in the last 18 months have ushered in new leadership and regulatory priorities. These transitions are already reshaping the enforcement landscape, particularly in the areas of fraud, bribery and corporate misconduct.

The US has updated several policies to refocus on eliminating cartels and transnational criminal organisations, and to fight against foreign bribery and complex money laundering. New guidance also prioritizes victim compensation, strategic cross-border coordination, and risk-based monitorships, while reinforcing declinations for voluntary disclosure and cooperation.

Mexico’s new president, Claudia Sheinbaum, has taken up the fight against corruption. The government is planning to form a new Federal Anti-Corruption Agency to fight against impunity and strengthen cooperation between international agencies.

In the UK, the Serious Fraud Office (SFO) has issued updated guidance on corporate cooperation and self-reporting, seeking to persuade companies to come forward with information of misconduct with the promise of more lenient treatment.

In Germany, public prosecutors are still enforcing white collar crime, focusing on sanctions violations. And there’s been a noticeable uptick in proceedings against corporations. At the same time, authorities are struggling with an increased caseload and a severe lack of resources.

The new International Anti-Corruption Prosecutorial Taskforce – made up of the UK’s SFO, France’s Parquet National Financier, and Switzerland’s Office of the Attorney General – is coordinating efforts to lead multijurisdictional investigations and share intelligence.

Companies operating across jurisdictions have to ensure their compliance programs aren’t only robust but also agile enough to respond to evolving expectations around transparency, governance and remediation.

Technology isn’t just a support function – it’s central to how regulators expect companies to manage bribery and corruption risk. Enforcement agencies are deploying AI and data analytics to investigate foreign bribery and they expect corporates to keep pace.

The rise of agentic AI systems capable of autonomous decision-making is reshaping compliance. Research indicates that agentic AI will be able to detect corruption risks in real time, monitor financial anomalies and uncover complex bribery schemes across borders. Regulators are watching how companies use these tools – and whether they’re using them well.

Audit institutions across Europe are already integrating AI into investigations, boosting efficiency and enabling pattern analysis. In Asia Pacific, regulatory frameworks are accelerating adoption: Singapore’s Corporate Service Providers Act is pushing firms toward AI-driven client screening, while India’s enforcement of the Prevention of Corruption Act is driving uptake of AI tools for third-party risk and whistleblower management.

Australia’s National Anti-Corruption Commission is also exploring AI’s potential. And recent reforms to foreign bribery laws introduce a new “adequate procedures” defence, raising the bar for compliance systems. As demand grows for smarter risk analytics, the market is responding with innovative, AI-powered fraud detection solutions.

Regulators expect AI-enabled compliance systems with enterprise-wide visibility and real-time responsiveness. Companies must ensure transparency, auditability and governance of these tools or risk falling behind. Modernising compliance isn’t just about efficiency – it’s about survival.

Whistleblower protections are no longer a niche compliance concern – they’re a frontline issue in global enforcement. Legal frameworks are strengthening, incentives are rising and regulators are taking a harder line on retaliation and obstruction.

The US’s new Corporate Whistleblower Awards Pilot Program offers awards for original, timely information leading to forfeitures of USD1 million or more. The list of eligible categories now includes cartel, terrorism and fraud cases.

Europe’s whistleblower directive has reshaped expectations for internal reporting. Companies have to offer secure channels, designate responsible officers and respond within strict timelines. Enforcement is still uneven, but the direction of travel is unmistakable – greater protection, broader scope and more pressure to comply.

Asia is also stepping up. Japan’s recent reforms introduced criminal penalties for retaliation and extended protections to freelancers. And China is offering substantial financial rewards for disclosures, including sector-specific schemes in food and healthcare. These developments reflect a growing recognition that whistleblowers are essential to integrity – and that protecting them is non-negotiable.

Australia’s framework is well established, but enforcement is intensifying. A recent AUD7.5 million penalty for victimisation shows regulators are willing to act. And courts are backing them. While compensation is still unlegislated, whistleblowers can sue for damages, and further reforms are under discussion.

Whistleblowing is becoming a high-stakes compliance issue. Internal channels have to be secure. Retaliation safeguards need to be robust. And policies have to align with evolving global standards. Because when someone breaks the silence, regulators are listening – and they’re ready to act.

Anti-bribery enforcement is intensifying across Asia Pacific and Latin America, with regulators targeting sector-specific risks and expanding cross-border cooperation.

In APAC, India and Singapore are tightening laws, while China’s sweeping healthcare crackdown and Vietnam’s focus on crypto-linked corruption reflect a broader pivot toward tech-driven and sustainability-linked compliance.

In the US, when US interests aren’t directly implicated, the DOJ is more likely to defer to capable foreign authorities or provide assistance in foreign‑led investigations – heightening the importance of local enforcement readiness and cross‑border strategy.

Latin America is seeing a surge in international collaboration. Mexico and Brazil are working closely with US and EU authorities, while Argentina, Colombia and Chile are advancing corporate liability frameworks and transparency standards.

Despite uneven enforcement and political challenges, the regulatory momentum is undeniable.

For global companies, these shifts demand more than policy updates – they require embedded local capabilities, robust third-party oversight and proactive documentation.

Companies should treat regional developments as part of a global compliance recalibration. In today’s landscape, local enforcement can have global consequences.